IBM brings the power of Watson to cyber security
The technology industry is having to contend with ever more sophisticated cyber security threats. A growing shortage of security analysts, combined with masses of data to process, puts more emphasis on the use of AI techniques.
This week at RSA Conference, IBM Security will be demonstrating what the "cognitive security operations center" of the future will look like, including new Watson-powered tools for investigating security events, new services for building these SOCs and breakthrough research that allows customers and analysts to interact with Watson through voice and chat.
According to IBM research, security teams sift through more than 200,000 security events per day on average, leading to over 20,000 hours per year being wasted chasing false positives. For the past year, Watson has been trained on the language of cyber security with over a million security documents, and has been tested with over 40 clients. The system is now ready to work side-by-side with security analysts.
Watson for Cyber Security will be integrated into IBM's new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoints, networks, users and cloud.
At the heart of this platform is IBM QRadar Advisor with Watson, the first tool that taps into Watson's pool of cybersecurity insights. It's already being used by Avnet, the University of New Brunswick, Sopra Steria and 40 other customers globally to augment security analysts’ investigations into incidents.
"The Cognitive SOC is now a reality for clients looking to find an advantage against the growing legions of cybercriminals and next generation threats," says Denis Kennelly, vice president of development and technology at IBM Security. "Our investments in Watson for Cyber Security have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime."
To extend the ability of the Cognitive SOC to endpoints, IBM Security is also announcing a new endpoint detection and response (EDR) solution called IBM BigFix Detect. This helps organizations gain full visibility into the changing endpoint threat landscape while bridging the gap between malicious behavior detection and remediation. BigFix Detect gives security analysts the ability to see, understand and act on threats across their endpoints through a single platform, and deliver targeted fixes on impacted endpoints enterprise-wide.
More information on Watson for Cyber Security and the IBM Cognitive SOC is available now on the IBM Security website.
Image credit: John Mottern/Feature Photo Service for IBM